
Keytab Validation failing


I am trying to validate a keytab file. I am getting the following error message:

kinit: Keytab contains no suitable keys for HTTP/HTTP/[email protected] while getting initial credentials

When I enabled trace, I got the following messages:

#KRB5_TRACE=/dev/stdout kinit -k -t xxx.keytab HTTP/[email protected]
Using default cache: /tmp/krb5cc_1001
Using principal: HTTP/[email protected]
Using keytab: xxx.keytab
[20299] 1557905070.909564: Getting initial credentials for HTTP/[email protected]
[20299] 1557905070.909565: Looked up etypes in keytab: (empty)
[20299] 1557905070.909566: Getting initial credentials for HTTP/[email protected]
[20299] 1557905070.909567: Looked up etypes in keytab: (empty)
kinit: Keytab contains no suitable keys for HTTP/HTTP/[email protected] while getting initial credentials

Any idea why I am getting the etypes list as empty? I created the keytab file using the -crypto ALL option.

Any help with this issue is highly appreciated.


Solution

  • The problem was that when I used the ktpass command to create the keytab file, the principal added inside was using the realm name in small letters: HTTP/[email protected]. I rectified this issue by creating a keytab file on a Linux server using the ktutil command and adding the principal with the realm name in capital letters, typing it manually as HTTP/[email protected], using addentry. It worked for me.
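
An added example, not part of the original post: a small parser for the MIT keytab file format (0x0502) that lists the stored principal names and reports entries that differ from the requested principal only by case, which is the mismatch the solution describes and which leaves the etype list empty. The host name, realm, helper names and the all-zero key are constructed placeholders.

```python
import struct

def _counted(buf, p):
    (n,) = struct.unpack_from(">H", buf, p)   # 16-bit length prefix
    return buf[p + 2:p + 2 + n], p + 2 + n

def parse_keytab(data):
    """Return [(principal, etype)] from an MIT keytab, file format 0x0502."""
    if data[:2] != b"\x05\x02":
        raise ValueError("not a format 0x0502 keytab")
    entries, pos = [], 2
    while pos + 4 <= len(data):
        (size,) = struct.unpack_from(">i", data, pos)
        pos += 4
        if size == 0:                     # end marker
            break
        if size < 0:                      # deleted slot: skip its bytes
            pos -= size
            continue
        (ncomp,) = struct.unpack_from(">H", data, pos)
        parts, p = [], pos + 2
        for _ in range(ncomp + 1):        # realm first, then name components
            s, p = _counted(data, p)
            parts.append(s.decode())
        # skip name type (4), timestamp (4), 8-bit kvno (1); key bytes are never read
        (etype,) = struct.unpack_from(">H", data, p + 9)
        entries.append(("/".join(parts[1:]) + "@" + parts[0], etype))
        pos += size
    return entries

def diagnose(data, wanted):
    """Return (etypes stored for `wanted`, entries differing only by case)."""
    found = parse_keytab(data)
    return ([e for n, e in found if n == wanted],
            [n for n, _ in found if n != wanted and n.lower() == wanted.lower()])

def build_entry(principal, etype, kvno=3):
    """Constructed sample entry with an all-zero 16-byte key (not a real key)."""
    name, realm = principal.rsplit("@", 1)
    parts = [realm] + name.split("/")
    body = struct.pack(">H", len(parts) - 1)
    body += b"".join(struct.pack(">H", len(s)) + s.encode() for s in parts)
    body += struct.pack(">IIBHH", 1, 0, kvno, etype, 16) + bytes(16)
    return struct.pack(">i", len(body)) + body

# Constructed keytab: realm stored in lowercase, as in the case described above.
SAMPLE = b"\x05\x02" + build_entry("HTTP/web01.example.test@example.test", 18)
```

Calling `diagnose(SAMPLE, "HTTP/web01.example.test@EXAMPLE.TEST")` returns an empty etype list together with the lowercase-realm entry, so the case mismatch is visible before the keytab is deployed.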